ISSN 2083-6473
ISSN 2083-6481 (electronic version)




Associate Editor
Prof. Tomasz Neumann

Published by
TransNav, Faculty of Navigation
Gdynia Maritime University
3, John Paul II Avenue
81-345 Gdynia, POLAND
www http://www.transnav.eu
e-mail transnav@umg.edu.pl
Raising Awareness on Cyber Security of ECDIS
1 University of Rijeka, Rijeka, Croatia
ABSTRACT: In the maritime transport, the Electronic Chart Display and Information System (ECDIS) has been developed into a complex computer-based ship critical operational technology system, playing central roles in the safe ship navigation and transport. While ECDIS software maintenance is regulated by the International Maritime Organization (IMO) ECDIS performance standards and related circulars, underlying software and hardware arrangements are implemented by ship-owners and supported by ECDIS equipment manufacturers. In this paper, we estimate ECDIS cyber security in order to study the origin of ECDIS cyber security risks. A set of ECDIS systems is examined using an industry-leading vulnerability scanning software tool, and cyber threats regarding the ECDIS backup arrangement, underlying operating system and third party applications are studied.
Balduzzi, M., Pasta, A., Wilhoit, K. 2014. A security evaluation of AIS automated identification system. Proceedings of the 30th Annual Computer Security Applications Conference, pp 436-445, New Orleans, USA. - doi:10.1145/2664243.2664257
Burton, J. 2016. Cyber attacks and maritime situational awareness: Evidence from Japan and Taiwan. Proceedings of the 2016 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, London, UK. - doi:10.1109/CyberSA.2016.7503295
Federal Cyber Emergency Team (CERT.be). 2018. Petya/NotPetya Malware - Report on worldwide infection. Available at: https://www.cert.be/files/CERTbe_Petya_NotPetya_Malware_E.pdf (10.12.2018).
Hareide, O.S., Jøsok, Ø., Lund, M.S., Ostnes, R., Helkala, K. 2018. Enhancing Navigator Competence by Demonstrating Maritime Cyber Security. Journal of Navigation 71: 1025- 1039. - doi:10.1017/S0373463318000164
Hassani, V., Crasta, N., Pascoal, A.M. 2017. Cyber security issues in navigation systems of marine vessels from a control perspective. Proceedings of the International Conference on Ocean, Offshore Mechanics and Arctic Engineering, Trondheim, Norway. - doi:10.1115/OMAE2017-61771
International Hydrographic Organization (IHO) (2017). Information on IHO Standards related to ENC and ECDIS. Version 1.1. Monaco: IHO.
International Hydrographic Organization (IHO) (2018). Current IHO ECDIS and ENC Standards. Monaco: IHO.
International Maritime Organization (2006). MSC.232(82): Adoption of the revised performance standards for Electronic Chart Display and Information Systems (ECDIS). London: IMO.
International Maritime Organization (2009). MSC.282(86): Adoption of amendments to the International Convention for the Safety Of Life At Sea, 1974. Annex 1. London: IMO.
International Maritime Organization. (2010). SN.1/Circ.266/Rev.1: Maintenance of Electronic Chart Display and Information System (ECDIS) software. London: IMO.
International Maritime Organization (2014). International Convention for the Safety of Life at Sea (SOLAS), 1974 as amended. London: IMO.
International Maritime Organization. 2017. Resolution MSC.1/Circ.1503/Rev.1, ECDIS – GUIDANCE FOR GOOD PRACTICE. London: IMO.
International Maritime Organization. 2017. Resolution MSC.428(98), Maritime Cyber Risk Management in Safety Management Systems. London: IMO.
International Maritime Organization. 2017. Resolution MSC-FAL.1/Circ.3, Guidelines On Maritime Cyber Risk Management. London: IMO.
Lee, Y.C., Park, S.K., Lee, W.K., Kang, J. 2017. Improving cyber security awareness in maritime transport: A way forward. Journal of the Korean Society of Marine Engineering, 41: 738-745. - doi:10.5916/jkosme.2017.41.8.738
Microsoft. 2018. Microsoft Security Bulletin MS17-010 - Critical. Available at: https://technet.microsoft.com/library/security/MS17-010 (10.12.2018).
Nessus. 2018. Tenable Products: Nessus Professional version 8. Available at: https://www.tenable.com/products/nessus/nessus-professional (10.12.2018).
Polatid, N., Pavlidis, M., Mouratidis, H. 2018. Cyber-attack path discovery in a dynamic supply chain maritime risk management system. Computer Standards Interfaces 59, 74– 82. - doi:10.1016/j.csi.2017.09.006
Shapiro, L.R., Maras, M.H., Velotti, L., Pickman, S., Wei, H.L., Till, R. 2018. Trojan horse risks in the maritime transportation systems sector. Journal of Transportation Security 8, 1–19.
Svilicic, B., Kamahara, J., Rooks, M., Yano, Y. 2019. Maritime Cyber Risk Management: An Experimental Ship Assessment. Journal of Navigation: in press. Available at: https://doi.org/10.1017/S0373463318001157 (25.02.2019). - doi:10.1017/S0373463318001157
Svilicic, B., Celic, J., Kamahara, J., Bolmsten, J. 2018. A Framework for Cyber Security Risk Assessment of Ships. Proceedings of 19th International Association of Maritime Universities Conference, pp 21-28, Barcelona, Spain.
Svilicic, B., Kras, A. 2005. Computer Systems Privacy Protection. Pomorstvo - Scientific Journal of Maritime Research 19 (1), 275–284.
Tam, K., Jones, K. 2019. MaCRA: a model-based framework for maritime cyber-risk assessment. WMU Journal of Maritime Affairs: in press. Available at: https://doi.org/10.1007/s13437-019-00162-2 (25.02.2019). - doi:10.1007/s13437-019-00162-2
Transas. 2018. Navi-Sailor 4000 ECDIS. Available at: http://www.transas.com/products/navigation/ecdis/ECDIS(10.12.2018).
United States Computer Emergency Readiness Team (US-CERT). 2018. Alert (TA17-181A) Petya Ransomware. Available at: https://www.us-cert.gov/ncas/alerts/TA17-181A (10.12.2018).
Citation note:
Svilicic B., Brčić D., Žuškin S., Kalebić D.: Raising Awareness on Cyber Security of ECDIS. TransNav, the International Journal on Marine Navigation and Safety of Sea Transportation, Vol. 13, No. 1, doi:10.12716/1001.13.01.24, pp. 231-236, 2019
Authors in other databases:
Boris Svilicic:
Srdjan Žuškin:
David Kalebić:

Other publications of authors:

File downloaded 623 times

Important: TransNav.eu cookie usage
The TransNav.eu website uses certain cookies. A cookie is a text-only string of information that the TransNav.EU website transfers to the cookie file of the browser on your computer. Cookies allow the TransNav.eu website to perform properly and remember your browsing history. Cookies also help a website to arrange content to match your preferred interests more quickly. Cookies alone cannot be used to identify you.
Akceptuję pliki cookies z tej strony